Rising Tide of Personal Data Breach

12th April, 2019 03:11:26

In the global information economy, data and information have emerged as a powerful weapon. It has virtually brought a paradigm shift in governing the world where the trend of acquiring physical asset such as oil or gas by the world powers is shifting towards accumulating and harnessing tangible asset like data and information. It’s being said the more important data is at someone’s disposal, the more powerful s/he is. As things stand, personal data have become the all-important driving force, giving a fresh impetus to the much of current online activity. While it’s true that vast amounts of information are transmitted, stored and collected across the globe using digital gadgets to perform day by day activities, it’s also undeniable that these digital gadgets with internet connectivity may run the risk of data breach.

In this day and age, using smart gadgets in day to day work has been a new black. You may boast of your sleek handheld gadgets doing important work for you in the blink of eyes just with a few flicks on it. But then, if you remain indifferent of personal data using by these devices and couldn’t care less about its protection, perhaps it’s time to kiss such attitudes goodbye. This is more so because news broke at the fag end of last year that personal data and documents from hundreds of German politicians and public figures including Chancellor Angela Merkel were published online, an attempt said to be one of Germany’s most far-reaching data breaches. An initial analysis carried out indicated that data, including addresses, personal letters and copies of identity cards, had been obtained through wrongful use of log-in information for cloud services, email accounts or social networks. The incident is looked on as an exposure of high profile data breach and attracted a great deal of public attention. But what about the data breaches that is being occurred night and day and that your personal information being used for commercial purpose by others without your knowledge? Let’s have a look at these aspects.

A recent independent study conducted by the public Universidad Carlos III de Madrid, IMDEA Networks Institute and Stony Brook University in Spain, has showed that personal information that can be collected by pre-installed programmes on new Android mobile devices is expansive and faces little oversight. It’s to be noted that unlike other usual apps which the users can easily remove whenever they like, pre-installed apps often cannot be uninstalled. So, one cannot get rid of the app even after they come to know about suspecting or malicious behaviour of it. Besides, the study laid bare the setup posed a potential threat to users’ privacy and security because the pre-installed apps can get unfettered access to data that similar apps distributed through Google’s Play app store cannot.

The study has brought the fact of personal data vulnerability to the light once again. What is more disconcerting is that in many cases the users themselves unwittingly give permission for service providers to use their data by paying scant attention to consent forms before they agree to them, shooting themselves in the foot, so to speak. Often, one may not even aware of the fact that their data being stealthily exploited by others; for instance, while buying something from a shop, checking in a hotel or booking an amusement facility, or in some way or other.

In fact, due to unprecedented advancement of technology, smart devices can make their users feel they have access to the world at the tips of their fingers. But then, these gadgets can also be a gateway for the world to access their personal data. Study reveals that young users, especially students who account for a bulk of the current smart devices user, unaware that data on smart devices can be obtained by service providers and software companies who share this information with third parties. That mobile phone operators or marketing agents of different products frequently send promotional offers on your number is a case in point.

The negative repercussions of smart technology are making themselves felt in ways not foreseen until now. Unprotected personal information can be used for data mining by marketing companies, research organisations, etc, sometimes to indulge in utterly unethical activities with ulterior purpose. The harvesting of millions of Facebook users’ profile data for political purposes in the last US presidential election can be cited as one of the most infamous examples of this sort. There can also be social, physical, mental or psychological implications: lackadaisical approach to data protection can put individuals at grave risk of cyber bullying, sextortion, blackmail, and sometimes can even lead to murder or killing.

With eight handset assembling plants, including one from Korean giant Samsung, the country has seen a rapid boom in smart devices in recent years, which not only has brought about significant changes in communication patterns with fast and instant communications but also contributed a lot to the digitalisation of the country. However, issues of personal data being used by these devices, its protection and existing security concerns largely remain unaddressed. And in our case the matter of data security breaches come to a head only when the damage is done. That swindling card holders by ATM fraudulence through identify theft is common in the country is a glaring example of this.

Therefore, it is time to turn our attention to the personal data protection and security. As individuals have major role in giving out their information in need, they should play their part so that personal data does not go at the insecure hand. People, particularly the youth who are the most avid consumers of such gadget, should be encouraged self-help and must take measures to protect themselves in the digital world. To that end, they should pay attention to the security notification on their devices, maintain high privacy settings on them and promptly install security updates. Besides, users can secure their home WiFi networks, disable microphones and cameras when not using them, and create ‘strong’ passwords, etc. The authorities too must enforce the provisions of the Digital Security Act that make unauthorised use of identity information illegal. The risk of data theft is all-pervasive. So, the least things one can do is to preclude this by taking necessary measures.

The writer is an Associate Engineer at Thakral Information Systems Pvt. Ltd. He can be reached at email -- [email protected]